DeliverPoint allows a variety of users: DeliverPoint permission operators, site collection administrators, site owners, power users, and end users; to manage SharePoint permissions in Microsoft® SharePoint® Server 2013, Microsoft® SharePoint Foundation 2013, or Microsoft® SharePoint 2016 on-premises deployments.
Users can use DeliverPoint to manage permissions from:
- The Settings menu, to display the DeliverPoint dashboard, or to run a Discover Site Permissions report.
- DeliverPoint Ribbon tab, for example, on lists and libraries, you can use the Ribbon to initiate the Discover List Permissions and discover Unique Items permissions commands.
- List Item Menu on folders, list items and files, which, for example, you can use to initiate the Discover Items Permissions action.
DeliverPoint allows you to manage permissions at the account, farm, Web Application, site collection, site, list, folder, and list item levels. To manage account permissions or permissions at a web application, site collection or site level, you use the DeliverPoint dashboard. You can also use the Discover Site Permissions link from the Settings menu to manage permissions at a site level. By default, to manage list, folder, or item permissions, navigate to the list and use the DeliverPoint Ribbon. List and folder permissions can also be managed using the DeliverPoint dashboard when the Show Lists and Libraries in Reports check box is selected on the DeliverPoint Treeview settings page.
For example, when using the DeliverPoint dashboard, where you can switch between an Account or Farm centric view, select one or more checkboxes to the left of a SharePoint object in the tree view, which activates the Commands Ribbon and then click the required command.
The DeliverPoint command you choose affect all permissions for the targeted account in scope. For example, when you select Copy Permissions at the Managed Path level, since all site collections within the Managed Path are part of the inheritance chain, they are said to be in scope. Site collections that exist under other Managed Paths would not be in scope because they are not part of the selected Managed Path’s inheritance chain.
It is important to know which objects are in scope for every command you execute using DeliverPoint. For example, if you select the Delete Permissions command at the Farm level, then all Web Applications, Managed Paths, site collections, sites (webs), lists, folders, and list items are in scope for this action. Be sure to target the execution of permissions at the intended level of inheritance so you don’t change permissions for a user on the wrong or unintended objects.
References
- Introduction: Control user access with permissions
- Video: Understanding permissions in SharePoint
- Permissions planning for sites and content in SharePoint 2016 (To view this reference for previous versions of SharePoint, use the Other Versions drop down menu beneath the Technet article title, and select SharePoint 2013)
- Plan your permissions strategy
- Governance: Permission Management
Post your comment on this topic.